Changes done in each Linux kernel release. Other places to get news about the Linux kernel are LWN kernel status, H-Online, or the Linux Kernel mailing list (there is a web interface at www.lkml.org). Lists of changes for older releases can be found at LinuxVersions. If you're going to add something here, look first at LinuxChangesRules!

Summary: Besides the latest code to deal with Meltdown/Spectre, this release includes modesetting and advanced display features for the amdgpu driver; improved power management support of systems with SATA Aggressive Link Power Management; a port for the open RISC-V CPUs; initial support for virtualized memory encryption in AMD CPUs; support for the Intel User Mode Instruction Prevention feature; support of the CPU controller in cgroups v2; a new mmap(2) flag to allow direct writes to persistent memory managed by filesystems; and many new drivers and other improvements.

1. Coolest features

1.1. Meltdown/Spectre

This release contains the latest code to deal with Meltdown/Spectre, a security problem you probably have never heard of. Page Table Isolation to address Meltdown is supported for x86/Intel CPUs (it can be disabled with the pti=off kernel boot option). There is also the retpoline mechanism to mitigate Spectre v2 (which affects both Intel and AMD); it requires a GCC version supporting the -mindirect-branch=thunk-extern functionality and it can be turned off with the boot option spectre_v2=off (if you don't have such a compiler, there will be a minimal retpoline mitigation that only covers the kernel code written in assembly). The PowerPC architecture is also affected by Meltdown on many CPU models, and can prevent those attacks with an "RFI flush of L1-D cache" feature included in this release. ARM is also affected by Meltdown, but patches for it are not included in this release. Spectre v1 is not addressed in this version.

A /sys/devices/system/cpu/vulnerabilities/ directory has been added that will show the vulnerabilities affecting your CPU and the mitigations being currently applied.
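As an added example (not code from this page or from the kernel tree), a small C checker that walks that directory and classifies each entry by the prefix the kernel writes there ("Not affected", "Mitigation: ...", "Vulnerable" or "Vulnerable: ..."), so a build or fleet script can flag CPUs whose mitigations are still missing; the function and enum names are my own.

```c
#include <dirent.h>
#include <stdio.h>
#include <string.h>

enum vuln_state { VULN_NOT_AFFECTED, VULN_MITIGATED, VULN_VULNERABLE, VULN_UNKNOWN };

/* Classify one status line as the kernel prints it in
 * /sys/devices/system/cpu/vulnerabilities/<name>. Unrecognised wording is
 * reported as unknown rather than guessed at. */
enum vuln_state classify_vuln_status(const char *line)
{
    if (strncmp(line, "Not affected", 12) == 0) return VULN_NOT_AFFECTED;
    if (strncmp(line, "Mitigation:", 11) == 0)  return VULN_MITIGATED;
    if (strncmp(line, "Vulnerable", 10) == 0)   return VULN_VULNERABLE;
    return VULN_UNKNOWN;
}

/* Walk the sysfs directory and count entries still reported as Vulnerable.
 * Returns -1 when the directory is missing (kernel older than 4.15, or sysfs
 * not mounted) so callers can tell "unknown" apart from "nothing vulnerable". */
int count_unmitigated(const char *dir, int verbose)
{
    DIR *d = opendir(dir);
    struct dirent *de;
    int vulnerable = 0;

    if (!d)
        return -1;
    while ((de = readdir(d)) != NULL) {
        char path[512], line[256] = "";
        FILE *f;

        if (de->d_name[0] == '.')
            continue;                       /* "." and ".." */
        snprintf(path, sizeof path, "%s/%s", dir, de->d_name);
        if ((f = fopen(path, "r")) == NULL)
            continue;
        if (fgets(line, sizeof line, f))
            line[strcspn(line, "\n")] = '\0';   /* drop trailing newline */
        fclose(f);
        if (classify_vuln_status(line) == VULN_VULNERABLE)
            vulnerable++;
        if (verbose)
            printf("%-16s %s\n", de->d_name, line);
    }
    closedir(d);
    return vulnerable;
}
```

Call count_unmitigated("/sys/devices/system/cpu/vulnerabilities", 1) from main: -1 means the directory is absent (a kernel before 4.15), a positive value is the number of entries the kernel still reports as Vulnerable.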

1.2. Modesetting and much better display support in the AMD amdgpu driver

This release finally includes the "display code" (132k LoC) that has been missing for a long time from the amdgpu driver - a new driver that AMD made for modern graphics hardware. It provides atomic modesetting support for DCE8 (CIK), DCE10 (Tonga, Fiji), DCE11 (CZ, ST, Polaris), DCE12 (vega10), and DCN1 (RV) including HDMI and DP audio, DP MST, and many other advanced display features. This display code has been enabled by default for Vega10 and Raven; pre-vega10 parts can be enabled via module parameter (amdgpu.dc=1), but are not enabled by default in this release because of stability concerns.

1.3. Improved power management in systems with SATA Link Power Management

For many, many years, there has been a problem with Linux and modern systems that have ALPM (Aggressive Link Power Management) in their SATA AHCI controllers (e.g. Haswell, Broadwell, Skylake). Because of the obscurity and lack of documentation of the feature (and because playing with this feature was scary, as it easily caused data corruption), Linux has been unable to properly implement ALPM support for years. Lack of ALPM support prevents the system from entering deep power saving states, which means a much worse battery life for Linux users on systems with ALPM.

In this release, a patch has been merged that implements a better default behaviour for ALPM without corrupting your data, and this means that Linux users with ALPM will see an improved battery life: a T440s test laptop saves 0.9-1.2W when idle with this patch.

1.4. New architecture: RISC-V

This release includes the main parts of the port to RISC-V CPUs. RISC-V is an open instruction set architecture that, unlike proprietary CPUs, can be freely used for any purpose, permitting anyone to design, manufacture and sell RISC-V chips and software.

The port is definitely a work in progress. While it builds and boots, it's a bit hard to actually see anything happen because there are no device drivers yet.

1.5. Support for AMD Secure Encrypted Virtualization

Linux 4.14 already added support for AMD Secure Memory Encryption, a feature that encrypts memory when it is written to RAM and automatically decrypts it when read, thus protecting the contents of DRAM from physical attacks on the system.

This release adds initial support for Secure Encrypted Virtualization, which integrates the memory encryption support into the AMD-V virtualization architecture to support encrypted virtual machines - virtual machines that have their memory secured such that only the guest itself has access to the unencrypted version, which protects them from other virtual machines and even from the hypervisor itself. Secure Encrypted Virtualization is particularly applicable to cloud computing, where virtual machines need not fully trust the hypervisor and administrator of their host system. This release adds the changes necessary in a guest OS for Secure Encrypted Memory; the changes required for a host to create and manage SEV guests will be merged in future releases.

1.6. Support for the Intel User Mode Instruction Prevention feature

This release adds support for an Intel CPU feature called "User Mode Instruction Prevention". When enabled, this feature prevents certain instructions, such as SGDT, SLDT, SIDT, SMSW and STR, from being executed in user mode, which reduces the tools available to craft some types of privilege escalation attacks. To keep emulators such as WineHQ and DOSEMU2 working, sgdt, sidt and smsw are emulated in virtual-8086 and protected modes; str and sldt are not emulated, and no emulation is done for user-space long mode processes.

1.7. Support of the CPU controller in cgroups v2

Control groups with a "unified hierarchy", or cgroup v2, were implemented in 2.6.24 and declared stable in 4.5. The individual resource controllers had to be ported in order to work with this new approach. The biggest missing item was the CPU resource controller, which is used to control the usage of CPU by a group of tasks. Merging the CPU controller, however, first required addressing some functionality in the cgroup v2 design, specifically the "thread mode", merged in 4.14, which supports hierarchical resource distribution across the threads of a group. After all that work, this release finally brings a cgroup v2-ready CPU controller.

1.8. New mmap(2) flags to allow direct writes to persistent memory managed by filesystems

This release introduces the MAP_SYNC and MAP_SHARED_VALIDATE flags to mmap(2), a mechanism that implements synchronous page faults for DAX mappings. This makes it possible to flush DAX mappings from userspace at a granularity finer than a page, and without the overhead of a syscall. It arranges for any filesystem metadata updates that may be required to satisfy a write fault to also be flushed ("on disk") before the kernel returns to userspace from the fault handler. Effectively, every write fault that dirties metadata completes an fsync() before returning from the fault handler. The new MAP_SHARED_VALIDATE mapping type guarantees that the MAP_SYNC flag is validated as supported by the filesystem's mmap() implementation.
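An added example, not code from this page or from the kernel tree, of how a user-space program uses these flags: it asks for MAP_SHARED_VALIDATE|MAP_SYNC, falls back to a plain MAP_SHARED mapping when the kernel (EINVAL, pre-4.15) or the file (EOPNOTSUPP, not DAX-backed) rejects the request, and only in the fallback case issues an explicit msync(). The struct and function names are my own; the flag values are the kernel's uapi constants and are defined here only if the libc headers lack them.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* ABI values from the kernel uapi headers, for libcs that predate 4.15. */
#ifndef MAP_SHARED_VALIDATE
#define MAP_SHARED_VALIDATE 0x03
#endif
#ifndef MAP_SYNC
#define MAP_SYNC 0x80000
#endif

/* sync == 1: MAP_SYNC in effect; 0: fell back to a plain MAP_SHARED mapping */
struct pmem_map { void *addr; size_t len; int sync; };

/* Ask for synchronous page faults first. MAP_SHARED_VALIDATE makes the kernel
 * reject flags it does not understand instead of silently ignoring them: a
 * pre-4.15 kernel fails with EINVAL, a file that is not DAX-backed with
 * EOPNOTSUPP. Either way the fault handler will not flush metadata for us. */
int pmem_map_file(int fd, size_t len, struct pmem_map *out)
{
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE,
                   MAP_SHARED_VALIDATE | MAP_SYNC, fd, 0);
    if (p != MAP_FAILED) {
        *out = (struct pmem_map){ p, len, 1 };
        return 0;
    }
    if (errno != EOPNOTSUPP && errno != EINVAL)
        return -1;                          /* real failure, not "unsupported" */
    p = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
    if (p == MAP_FAILED)
        return -1;
    *out = (struct pmem_map){ p, len, 0 };
    return 0;
}

/* Store a NUL-terminated record at @off and make it durable. With MAP_SYNC the
 * write fault already completed the equivalent of fsync() before returning to
 * us; without it an explicit msync() is required. */
int pmem_store(const struct pmem_map *m, size_t off, const char *s)
{
    size_t n = strlen(s) + 1;
    if (off + n > m->len)
        return -1;                          /* would run past the mapping */
    memcpy((char *)m->addr + off, s, n);
    return m->sync ? 0 : msync(m->addr, m->len, MS_SYNC);
}
```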

(Un)patching Callbacks, which provide a mechanism for livepatch modules to execute callback functions when a kernel object is (un)patched. They can be considered a "power feature" that extends livepatching abilities to include safe updates to global data, "patches" to init and probe functions, and patching otherwise unpatchable code (i.e. assembly) commit, commit, commit

Shadow variables: they allow callers to associate new shadow fields to existing data structures, in order to emulate additions to said structures commit

pvqspinlock: Implement hybrid queued/unfair lock with 2 modes to combine the best attributes of an unfair lock and a pvqspinlock. A lock waiter goes into the unfair mode when there are waiters in the wait queue but the pending bit isn't set. Otherwise, it will go into the queued mode waiting in the queue for its turn commit

A new version of the "extent to inode mapping" ioctl, addressing a use case where we want to retrieve more but less accurate results and do the postprocessing in userspace, aiding defragmentation or deduplication tools commit, commit, commit

6. Tracing and perf

perf stat: Add generic support for standalone metrics specified in JSON files. A metric is a formula that uses multiple events to compute a higher level result (e.g. IPC) commit

perf stat: Setting up groups can be difficult due to the complicated scheduling restrictions of different PMUs. Add the concept of a 'weak group': try to set up a group, but if it's not schedulable fall back to not using a group commit

perf record: user registers can currently only be collected implicitly with call graph recording. To allow seeing them separately, and filtering them, add a new --user-regs option to record that is similar to --intr-regs, but acts on user regs. Also teach perf script to print user regs commit, commit

perf sched timehist: Add --pid and --tid options to show only events for specific pid/tids commit

8. Cryptography

9. Security

Add eBPF LSM hooks (see bpf section in networking)

EVM

Extend the /sys/kernel/security/evm interface to allow userspace to signal that an RSA key has been loaded. Also allow userspace to block loading of a symmetric key, in order to prevent a compromised system from being able to load an additional key type later commit

Remove the forward-acknowledgment (FACK) packet-based loss and reordering detection. FACK had already been disabled by default, and its successor RACK subsumes FACK and can handle reordering better commit, commit

New socket option TCP_FASTOPEN_KEY to allow different keys per listener commit

Configure TFO without a cookie per socket and/or per route. Linux already allows enabling TFO without a cookie by using the fastopen sysctl and setting it to TFO_SERVER_COOKIE_NOT_REQD (or TFO_CLIENT_NO_COOKIE). This release exposes a socket option and a per-route attribute to enable such fine-grained configurations commit

During route lookup, a reader lock is taken, and during route insertion, deletion or modification, a writer lock is taken. This is a very inefficient implementation because the fast path always has to grab the reader lock. This release replaces the rwlock with RCU and spinlock protection. This greatly speeds up the fast path, as it only needs to hold the RCU read lock, which is much less expensive than grabbing the reader lock commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit

eBPF-based device cgroup controller: cgroup v2 lacks the device controller provided by cgroup v1; this release adds a new eBPF program type which, in combination with the previously added ability to attach multiple eBPF programs to a cgroup, provides similar functionality, but with some additional flexibility commit, commit, commit, commit, commit

New file mode and LSM hooks for eBPF object permission control: eBPF objects are accessed, controlled, and shared via a file descriptor, but unlike file descriptors for files and sockets, the existing mechanisms for eBPF object access control are very limited: grant access to all processes, or only to CAP_SYS_ADMIN processes. This release adds LSM hooks to eBPF so that security systems such as SELinux can exercise finer-grained control commit, commit, commit, commit, commit

Enable generic transfer of metadata from XDP into the skb, meaning the packet has a flexible and programmable room for metadata, which can later be used by BPF to set various skb members when passing up the stack commit, commit, commit, commit, commit, commit

sch_netem: convert netem away from the old "ticks" interface and userspace API, and add support for a new "slot" feature intended to better emulate bursty MACs such as WiFi and LTE commit, commit, commit

netfilter: nf_tables: add a new get operation to look up specific elements in a set via the netlink interface commit

12. Drivers

12.1. Graphics

Add DRM mode object leasing for improving VR use cases. It provides new data structures to hold "lease" information about drm mode setting objects, and provides for creating new drm_masters which have access to a subset of the available drm resources commit, commit, commit, commit

Add CRTC_GET_SEQUENCE and CRTC_QUEUE_SEQUENCE ioctls. They provide crtc-id based functions instead of pipe-number, while also offering higher resolution time and wider frame count as required by the Vulkan API commit

User-defined priorities support. It allows changing the default priority on a per-context basis, allowing different contexts to be favoured with GPU time at the expense of lower importance work. The user can adjust the context's priority via I915_CONTEXT_PARAM_PRIORITY, with more positive values being higher priority (they will be serviced earlier, after their dependencies have been resolved) commit, commit, commit

(FEATURED) Merge the AMD DC (display code) layer, which is required to program the display engines on the new Vega and Raven based GPUs. It also contains support for all other amdgpu-supported GPUs (CIK, VI, Polaris), which has to be enabled explicitly. It is also a KMS atomic modesetting compatible driver (unlike the previous display code) and it includes HDMI and DP audio, DP MST, and many other advanced display features merge

Enable differentiated services code point (DSCP) to priority mapping for Ethernet packets. Once this feature is enabled, a packet is routed to the corresponding priority based on its DSCP. Users can combine this feature with the priority flow control (PFC) feature to have priority flow control based on the DSCP commit, commit, commit, commit, commit, commit